search

passwordless-lib / fido2-net-lib

FIDO2 .NET library for FIDO2 / WebAuthn Attestation and Assertion using .NET
https://fido2-net-lib.passwordless.dev/
MIT License
1.15k stars 166 forks source link

Bump System.IdentityModel.Tokens.Jwt from 7.0.2 to 7.1.2 in /Src/Fido2 #488

Closed dependabot[bot] closed 8 months ago

dependabot[bot] commented 8 months ago

Bumps System.IdentityModel.Tokens.Jwt from 7.0.2 to 7.1.2.

Release notes

Sourced from System.IdentityModel.Tokens.Jwt's releases.

7.1.2

Security fixes

See https://aka.ms/IdentityModel/Jan2024/zip and https://aka.ms/IdentityModel/Jan2024/jku for details.

7.1.0-preview

Include IdentityModel 6.32.0 release updates, including AAD specific signing key issuer validator and fix perf regression.

7.0.3

Bug Fixes:

  • Fix errors like the following reported by multiple customers at dotnet/aspnetcore#51005 when they tried to upgrade their app using AddMicrosoftIdentityWebApp to .NET 8. See PR for details.
  • Fix compatibility issue with 6x when claims are a bool. See issue #2354 for details.
Changelog

Sourced from System.IdentityModel.Tokens.Jwt's changelog.

See the releases for details on bug fixes and added features.

7.0.3

Bug Fixes:

  • Fix errors like the following reported by multiple customers at dotnet/aspnetcore#51005 when they tried to upgrade their app using AddMicrosoftIdentityWebApp to .NET 8. See PR for details.
  • Fix compatibility issue with 6x when claims are a bool. See issue #2354 for details.
Commits
  • a607fa5 Merged PR 10669: update version to 7.1.2
  • 44021bb Merged PR 10664: Update dev branch from public GitHub dev
  • a22ab8e Merged PR 10603: Re-enable Jwt sub claim as either Number or String
  • 1966c05 fixup prefix
  • 97888a2 Merged PR 10258: Compatibility with 6x for bool claims (#2367)
  • 5c1ea4a Merged PR 10241: Update dev to fix the release build
  • ec25d19 reduced size for netcorestandard2.1 compression size is larger.
  • b16f758 Merged PR 10217: Disable test that set statics.
  • ceeff41 Merged PR 10199: Set MaximumDeflateSize
  • e986e22 Merged PR 10198: Don't resolve jku claim by default
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/passwordless-lib/fido2-net-lib/network/alerts).
codecov-commenter commented 8 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Comparison is base (c2f384d) 74.19% compared to head (c4b6701) 74.19%.

:exclamation: Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #488 +/- ## ======================================= Coverage 74.19% 74.19% ======================================= Files 100 100 Lines 2709 2709 Branches 444 444 ======================================= Hits 2010 2010 Misses 595 595 Partials 104 104 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

dependabot[bot] commented 8 months ago

Looks like System.IdentityModel.Tokens.Jwt is no longer a dependency, so this is no longer needed.